<html>
<head><meta charset="utf-8"><title>Old crossbeam::queue causing SIGILL · wg-secure-code · Zulip Chat Archive</title></head>
<h2>Stream: <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/index.html">wg-secure-code</a></h2>
<h3>Topic: <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html">Old crossbeam::queue causing SIGILL</a></h3>

<hr>

<base href="https://rust-lang.zulipchat.com">

<head><link href="https://rust-lang.github.io/zulip_archive/style.css" rel="stylesheet"></head>

<a name="172659782"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172659782" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172659782">(Aug 07 2019 at 08:38)</a>:</h4>
<p>With some compiler changes (that are being backed out to give broken code some more time to get fixed), ancient crossbeam::queue <a href="https://github.com/amethyst/amethyst/issues/1808" target="_blank" title="https://github.com/amethyst/amethyst/issues/1808">SIGILLs</a> because it causes UB by calling mem::zeroed or mem::uninitialized the wrong way. A fixed version is out for 7 months but some projects are <a href="https://github.com/ishitatsuyuki/amethyst/commit/bf578203e3fc13f23e62515911e83de8366e9240" target="_blank" title="https://github.com/ishitatsuyuki/amethyst/commit/bf578203e3fc13f23e62515911e83de8366e9240">updating only now that they have to</a>. Is it appropriate to file an advisory to make people upgrade, or is that not how advisories are supposed to be used? We have no information on exploitability or severity, all we know is "there is UB" (and I am not really interested in spending lots of time to figure out how bad the UB is).<br>
The crossbeam 0.4 versions are broken, and crossbeam-queue 0.1 seems fixed. Which version of crossbeam itself is the first to be fixed I don't know (<span class="user-mention" data-user-id="128448">@stjepang</span> ?)</p>



<a name="172659920"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172659920" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172659920">(Aug 07 2019 at 08:40)</a>:</h4>
<p>(There was another bug fixed by crossbeam 0.4.1, but that does not seem to be the same one -- crates using 0.4.1 still saw SIGILLs.)</p>



<a name="172668504"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172668504" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Alex Gaynor <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172668504">(Aug 07 2019 at 11:17)</a>:</h4>
<p>Personally, I don't think it's right to file an advisory unless we think it's actually a security issu</p>



<a name="172747328"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172747328" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172747328">(Aug 08 2019 at 08:25)</a>:</h4>
<p>fair. but I will also note that once I found that some code is UB or is unsound (lets safe code trigger UB), I see my "job" done. whether that is exploitable in any way -- basically coming up with an exploit -- is not even a formally well-defined question, it is a very practical question concerned with what exactly the compiler happens to (not) do. it is not an interesting question to me. I have little expertise in that area and I think I have  better ways to spend my time.<br>
I am not saying you should change your policy, I am just informing you that there is a gap here and that this will mean I am unlikely to file many advisories even if I find lots of UB and some of it is actually security-relevant.</p>



<a name="172747453"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172747453" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172747453">(Aug 08 2019 at 08:27)</a>:</h4>
<p>maybe there are people interested in closing that gap? I'd be happy to leave a note <em>somewhere</em> any time I find UB, and I'd be happy to explain the what and why and where, so should someone be interested they can see if this justifies an advisory or not.</p>



<a name="172782187"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172782187" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Thom Chiovoloni <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172782187">(Aug 08 2019 at 16:55)</a>:</h4>
<p>did these versions of crossbeam_queue pull in the memoffset that had a notice recently? i feel like they did but could be wrong. if they do then anybody who follows the notices already will have updated, i think</p>



<a name="172833330"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172833330" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172833330">(Aug 09 2019 at 08:12)</a>:</h4>
<p>hm, good question</p>



<a name="172833365"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172833365" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172833365">(Aug 09 2019 at 08:13)</a>:</h4>
<p>yes, seems like they did. crossbeam 0.4 -&gt; crossbeam-epoch 0.5 -&gt; memoffset 0.2</p>



<a name="172833415"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/172833415" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> RalfJ <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#172833415">(Aug 09 2019 at 08:14)</a>:</h4>
<p>so people following advisories are already warned. good :)</p>



<a name="173032770"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/146229-wg-secure-code/topic/Old%20crossbeam%3A%3Aqueue%20causing%20SIGILL/near/173032770" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Tony Arcieri <a href="https://rust-lang.github.io/zulip_archive/stream/146229-wg-secure-code/topic/Old.20crossbeam.3A.3Aqueue.20causing.20SIGILL.html#173032770">(Aug 12 2019 at 15:22)</a>:</h4>
<p><span class="user-mention" data-user-id="120791">@RalfJ</span> unless it's a security issue, I'd imagine yanking would be better, but if the memoffset stuff did it vicariously, great</p>



<hr><p>Last updated: Aug 07 2021 at 22:04 UTC</p>
</html>